Modified IP suggestions to only view the IP from the logged in customer. Added hints (description) to A or AAAA records. Fixes #4529, #4386

Pascal Dreissen · Pascal Dreissen · commit 66d75e3f3d60 · 2018-02-26T00:25:39.000+01:00
diff --git a/interface/lib/classes/functions.inc.php b/interface/lib/classes/functions.inc.php
@@ -182,11 +182,25 @@ public function json_encode($data) {
 		}
 	}
 
+
+	/**
+	 * Function to suggest IP addresses in selectbox with hints, limited to the client logged in.
+	 *
+	 * @access public
+	 * @param string $type (default: 'IPv4')
+	 * @return void
+	 */
 	public function suggest_ips($type = 'IPv4'){
 		global $app;
 
+		$use_suggestions = $app->getconf->get_global_config('misc')['use_ipsuggestions'] == 'y' ? true : false;;
+		if(!$use_suggestions) {return array('cheader' => array(), 'cdata' => array());}
+
+		$suggestions_max = $app->getconf->get_global_config('misc')['ipsuggestions_max'];
+		$groupid = intval($_SESSION["s"]["user"]["default_group"]);
+
 		if($type == 'IPv4'){
-//			$regex = "/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/";
+			//   $regex = "/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/";
 			$regex = "/^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/";
 		} else {
 			// IPv6
@@ -198,58 +212,75 @@ public function suggest_ips($type = 'IPv4'){
 		$servers = $app->db->queryAllRecords("SELECT * FROM server");
 		if(is_array($servers) && !empty($servers)){
 			foreach($servers as $server){
-				$server_by_id[$server['server_id']] = $server['server_name'];
+				$server_by_id[$server['server_id']] = '<span class="ip_suggestion_server">server: ' . $server['server_name'] . '</span>';
 			}
 		}
 
+		$localips = array();
 		$ips = array();
 		$results = $app->db->queryAllRecords("SELECT ip_address AS ip, server_id FROM server_ip WHERE ip_type = ?", $type);
 		if(!empty($results) && is_array($results)){
 			foreach($results as $result){
 				if(preg_match($regex, $result['ip'])){
-					$ips[] = $result['ip'];
+					$localips[] = $result['ip'];
 					$server_by_ip[$result['ip']] = $server_by_id[$result['server_id']];
 				}
 			}
 		}
+
 		$results = $app->db->queryAllRecords("SELECT ip_address AS ip FROM openvz_ip");
 		if(!empty($results) && is_array($results)){
 			foreach($results as $result){
 				if(preg_match($regex, $result['ip'])) $ips[] = $result['ip'];
 			}
 		}
-		$results = $app->db->queryAllRecords("SELECT data AS ip FROM dns_rr WHERE type = 'A' OR type = 'AAAA'");
+		$results = $groupid != 1 ? $app->db->queryAllRecords("SELECT rr.data AS server_ip, rr.name as server_name, soa.origin as domain FROM dns_rr as rr, dns_soa as soa WHERE (rr.type = 'A' OR rr.type = 'AAAA') AND soa.id = rr.zone AND rr.sys_groupid = ?", $groupid) : $results = $app->db->queryAllRecords("SELECT rr.data AS server_ip, rr.name as server_name, soa.origin as domain FROM dns_rr as rr, dns_soa as soa WHERE (rr.type = 'A' OR rr.type = 'AAAA') AND soa.id = rr.zone");
+
 		if(!empty($results) && is_array($results)){
 			foreach($results as $result){
-				if(preg_match($regex, $result['ip'])) $ips[] = $result['ip'];
+				$result['server_name'] = substr($result['server_name'], -1) == '.' ? $result['server_name'] : $result['server_name'] . '.' . $result['domain'];
+				if (!array_key_exists($result['server_ip'],$server_by_ip)) {
+					$server_by_ip[$result['server_ip']] = 'dns: ' . $result['server_name'];
+					if(preg_match($regex, $result['server_ip'])) $ips[] = $result['server_ip'];
+				}
 			}
 		}
-		$results = $app->db->queryAllRecords("SELECT ns AS ip FROM dns_slave");
+
+		$results = $groupid != 1 ? $app->db->queryAllRecords("SELECT ns AS ip FROM dns_slave WHERE sys_groupid = ?", $groupid) : $results = $app->db->queryAllRecords("SELECT ns AS ip FROM dns_slave");
+
 		if(!empty($results) && is_array($results)){
 			foreach($results as $result){
-				if(preg_match($regex, $result['ip'])) $ips[] = $result['ip'];
+				if (!array_key_exists($result['ip'],$server_by_ip)) {
+					if(preg_match($regex, $result['ip'])) $ips[] = $result['ip'];
+				}
 			}
 		}
-		
-		$results = $app->db->queryAllRecords("SELECT remote_ips FROM web_database WHERE remote_ips != ''");
+
+		$results = $groupid != 1 ? $app->db->queryAllRecords("SELECT database_name as name,remote_ips as ip FROM web_database WHERE remote_ips != '' AND sys_groupid = ?", $groupid) : $results = $app->db->queryAllRecords("SELECT database_name as name,remote_ips as ip FROM web_database WHERE remote_ips != ''");
+
 		if(!empty($results) && is_array($results)){
 			foreach($results as $result){
-				$tmp_ips = explode(',', $result['remote_ips']);
+				$tmp_ips = explode(',', $result['ip']);
 				foreach($tmp_ips as $tmp_ip){
 					$tmp_ip = trim($tmp_ip);
-					if(preg_match($regex, $tmp_ip)) $ips[] = $tmp_ip;
+					if (!array_key_exists($tmp_ip,$server_by_ip)) {
+						$server_by_ip[$tmp_ip] = 'database: ' . $result['name'];
+						if(preg_match($regex, $tmp_ip)) $ips[] = $tmp_ip;
+					}
 				}
 			}
 		}
 		$ips = array_unique($ips);
+		sort($localips, SORT_NUMERIC);
 		sort($ips, SORT_NUMERIC);
-
+		$ips = array_merge($localips,$ips);
+		$ips = array_slice($ips, 0, $suggestions_max);
 		$result_array = array('cheader' => array(), 'cdata' => array());
 
 		if(!empty($ips)){
 			$result_array['cheader'] = array('title' => 'IPs',
 				'total' => count($ips),
-				'limit' => count($ips)
+				'limit' => count($ips),
 			);
 
 			foreach($ips as $ip){
@@ -282,7 +313,7 @@ public function intval($string, $force_numeric = false) {
 	 */
 	public function formatBytes($size, $precision = 2) {
 		$suffixes=array('', ' kB', ' MB', ' GB', ' TB');
-		if($size != 0 && !is_nan($size)) { 
+		if($size != 0 && !is_nan($size)) {
 			$base=log($size)/log(1024);
 			$tmpoutput =  round(pow(1024, $base-floor($base)), $precision).$suffixes[floor($base)];
 		} else {
@@ -371,42 +402,42 @@ public function idn_decode($domain) {
 
 	public function is_allowed_user($username, $restrict_names = false) {
 		global $app;
-		
+
 		$name_blacklist = array('root','ispconfig','vmail','getmail');
 		if(in_array($username,$name_blacklist)) return false;
-		
+
 		if(preg_match('/^[a-zA-Z0-9\.\-_]{1,32}$/', $username) == false) return false;
-		
+
 		if($restrict_names == true && preg_match('/^web\d+$/', $username) == false) return false;
-		
+
 		return true;
 	}
-	
+
 	public function is_allowed_group($groupname, $restrict_names = false) {
 		global $app;
-		
+
 		$name_blacklist = array('root','ispconfig','vmail','getmail');
 		if(in_array($groupname,$name_blacklist)) return false;
-		
+
 		if(preg_match('/^[a-zA-Z0-9\.\-_]{1,32}$/', $groupname) == false) return false;
-		
+
 		if($restrict_names == true && preg_match('/^client\d+$/', $groupname) == false) return false;
-		
+
 		return true;
 	}
-	
+
 	public function getimagesizefromstring($string){
 		if (!function_exists('getimagesizefromstring')) {
 			$uri = 'data://application/octet-stream;base64,' . base64_encode($string);
 			return getimagesize($uri);
 		} else {
 			return getimagesizefromstring($string);
-		}		
+		}
 	}
-	
+
 	public function password($minLength = 10, $special = false){
 		global $app;
-	
+
 		$iteration = 0;
 		$password = "";
 		$maxLength = $minLength + 5;
@@ -431,21 +462,21 @@ public function password($minLength = 10, $special = false){
 	public function getRandomInt($min, $max){
 		return floor((mt_rand() / mt_getrandmax()) * ($max - $min + 1)) + $min;
 	}
-	
+
 	public function generate_customer_no(){
 		global $app;
 		// generate customer no.
 		$customer_no = mt_rand(100000, 999999);
 		while($app->db->queryOneRecord("SELECT client_id FROM client WHERE customer_no = ?", $customer_no)) {
 			$customer_no = mt_rand(100000, 999999);
 		}
-		
+
 		return $customer_no;
 	}
-	
+
 	public function generate_ssh_key($client_id, $username = ''){
 		global $app;
-		
+
 		// generate the SSH key pair for the client
 		$id_rsa_file = '/tmp/'.uniqid('',true);
 		$id_rsa_pub_file = $id_rsa_file.'.pub';
@@ -459,7 +490,7 @@ public function generate_ssh_key($client_id, $username = ''){
 			$app->log("Failed to create SSH keypair for ".$username, LOGLEVEL_WARN);
 		}
 	}
-	
+
 	public function htmlentities($value) {
 		global $conf;
 
@@ -475,7 +506,7 @@ public function htmlentities($value) {
 		} else {
 			$out = htmlentities($value, ENT_QUOTES, $conf["html_content_encoding"]);
 		}
-		
+
 		return $out;
 	}
 }
diff --git a/interface/web/admin/form/system_config.tform.php b/interface/web/admin/form/system_config.tform.php
@@ -602,6 +602,20 @@
 			'default' => 'y',
 			'value'  => array(0 => 'n', 1 => 'y')
 		),
+		'use_ipsuggestions' => array (
+                        'datatype' => 'VARCHAR',
+                        'formtype' => 'CHECKBOX',
+                        'default' => 'y',
+                        'value'  => array(0 => 'n', 1 => 'y')
+                ),
+		'ipsuggestions_max' => array (
+                        'datatype' => 'INTEGER',
+                        'formtype' => 'TEXT',
+                        'default' => '',
+                        'value'  => '',
+                        'width'  => '30',
+                        'maxlength' => '255'
+                ),
 		'maintenance_mode' => array (
 			'datatype' => 'VARCHAR',
 			'formtype' => 'CHECKBOX',
diff --git a/interface/web/admin/lib/lang/en_system_config.lng b/interface/web/admin/lib/lang/en_system_config.lng
@@ -95,4 +95,7 @@ $wb['ca_iodef_txt'] = 'iodef';
 $wb['active_txt'] = 'Aktive';
 $wb['btn_save_txt'] = 'Save';
 $wb['btn_cancel_txt'] = 'Cancel';
+$wb['use_ipsuggestions_txt'] = 'Enable IP suggestions dropdown';
+$wb['use_ipsuggestions_descr_txt'] = 'Shows a dropdown list of IP addresses below a field where an IP address is needed for both IPv4 and IPv6.';
+$wb['ipsuggestions_max_txt'] = 'Max IP suggestions';
 ?>
diff --git a/interface/web/admin/lib/lang/nl_system_config.lng b/interface/web/admin/lib/lang/nl_system_config.lng
@@ -68,7 +68,7 @@ $wb['customer_no_template_error_regex_txt'] = 'The customer No. template contain
 $wb['customer_no_start_txt'] = 'Customer No. start value';
 $wb['customer_no_counter_txt'] = 'Customer No. counter';
 $wb['session_timeout_txt'] = 'Session timeout (minutes)';
-$wb['session_allow_endless_txt'] = 'Enable \\"stay logged in\\"';
+$wb['session_allow_endless_txt'] = 'Enable "stay logged in"';
 $wb['No'] = 'No';
 $wb['min_password_length_txt'] = 'Minimum password length';
 $wb['min_password_strength_txt'] = 'Minimum password strength';
@@ -91,4 +91,7 @@ $wb['active_txt'] = 'Aktive';
 $wb['btn_save_txt'] = 'Save';
 $wb['btn_cancel_txt'] = 'Cancel';
 $wb['asp_new_package_disabled_txt'] = 'Disable new aps packages';
+$wb['use_ipsuggestions_txt'] = 'IP adres suggesties inschakelen';
+$wb['use_ipsuggestions_descr_txt'] = 'Toont een dropdown box met een lijst van IP adressen voor IPv4 en IPv6 adressen.';
+$wb['ipsuggestions_max_txt'] = 'Max aantal IP suggesties';
 ?>
diff --git a/interface/web/admin/templates/system_config_misc_edit.htm b/interface/web/admin/templates/system_config_misc_edit.htm
@@ -81,6 +81,15 @@ <h1><tmpl_var name="list_head_txt"></h1>
                 </div>
             </div>
 			<div class="form-group">
+                <label class="col-sm-3 control-label">{tmpl_var name='use_ipsuggestions_txt'}</label>
+                <div class="col-sm-9">
+                    {tmpl_var name='use_ipsuggestions'}<br/>{tmpl_var name='use_ipsuggestions_descr_txt'}
+                </div>
+            </div>
+			<div class="form-group">
+                <label for="ipsuggestions_max" class="col-sm-3 control-label">{tmpl_var name='ipsuggestions_max_txt'}</label>
+                <div class="col-sm-9"><input type="text" name="ipsuggestions_max" id="ipsuggestions_max" value="{tmpl_var name='ipsuggestions_max'}" class="form-control" /></div></div>
+			<div class="form-group">
                 <label for="customer_no_template" class="col-sm-3 control-label">{tmpl_var name='customer_no_template_txt'}</label>
                 <div class="col-sm-9"><input type="text" name="customer_no_template" id="customer_no_template" value="{tmpl_var name='customer_no_template'}" class="form-control" /></div></div>
 			<div class="form-group">
